Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/xq7eF4vg8c3V2xQvveah7LJZv-A.roa
File: xq7eF4vg8c3V2xQvveah7LJZv-A.roa (raw, json)
Hash identifier: atQkAxpvj5iGJRjdwa/1uBWThI8y8UsCB5Ad2gGNyxg=
Subject key identifier: C6:AE:DE:17:8B:E0:F1:CD:D5:DB:14:2F:BD:E6:A1:EC:B2:59:BF:E0
Certificate issuer: /CN=b51e3f6bebcd05291dc5265e08b1cd6c401b9cfd
Certificate serial: 019423D73E45D2908EEB80416C67AEEC1036
Authority key identifier: B5:1E:3F:6B:EB:CD:05:29:1D:C5:26:5E:08:B1:CD:6C:40:1B:9C:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tR4_a-vNBSkdxSZeCLHNbEAbnP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/xq7eF4vg8c3V2xQvveah7LJZv-A.roa
Signing time: Wed 01 Jan 2025 21:48:16 +0000
ROA not before: Wed 01 Jan 2025 21:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8495
IP address blocks: 85.209.200.0/22 maxlen: 24
89.146.192.0/18 maxlen: 24
195.34.160.0/19 maxlen: 24
2a01:130::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/tR4_a-vNBSkdxSZeCLHNbEAbnP0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/tR4_a-vNBSkdxSZeCLHNbEAbnP0.mft
rsync://rpki.ripe.net/repository/DEFAULT/tR4_a-vNBSkdxSZeCLHNbEAbnP0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 20:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:3e:45:d2:90:8e:eb:80:41:6c:67:ae:ec:10:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b51e3f6bebcd05291dc5265e08b1cd6c401b9cfd
Validity
Not Before: Jan 1 21:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6aede178be0f1cdd5db142fbde6a1ecb259bfe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:fa:81:06:15:43:91:3b:38:6a:25:6a:f2:e5:
d1:fd:44:67:98:84:c0:7e:0b:f0:66:b8:79:77:d2:
84:20:89:fb:38:47:bd:d4:94:bb:d3:fe:cd:52:5b:
8a:34:85:10:08:a5:dd:e0:11:de:d5:f9:d4:37:a1:
5b:71:6b:35:e6:b6:28:67:da:2d:a6:43:ab:3d:94:
78:fd:f1:c6:19:37:6b:90:f9:97:db:63:e7:26:1b:
bc:c8:df:44:d6:94:cc:90:53:3b:cf:36:15:53:64:
45:50:cc:1b:2b:0d:55:b9:06:d8:cc:18:75:19:c6:
d0:b5:56:f9:08:eb:98:44:00:5e:29:0f:60:36:9e:
fc:aa:6c:f9:c6:fb:db:b2:11:de:b8:1f:3c:ce:ca:
d0:23:7b:e7:51:78:fb:c0:58:17:5a:8c:fe:70:dc:
2f:a1:5d:22:1e:c8:f7:e7:e7:10:a0:09:99:c5:6f:
e9:df:96:48:70:33:27:75:20:84:28:f8:40:fb:77:
58:77:ba:67:29:26:ec:61:06:4f:92:14:58:80:20:
db:94:d6:f6:38:ff:1f:67:ab:83:6a:bd:12:34:58:
c3:71:65:a3:bc:fe:cf:bd:2e:04:e6:c8:b9:7d:23:
f1:f3:cc:81:e0:1c:6b:b0:4a:74:dd:ab:08:7d:1b:
c2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:AE:DE:17:8B:E0:F1:CD:D5:DB:14:2F:BD:E6:A1:EC:B2:59:BF:E0
X509v3 Authority Key Identifier:
keyid:B5:1E:3F:6B:EB:CD:05:29:1D:C5:26:5E:08:B1:CD:6C:40:1B:9C:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tR4_a-vNBSkdxSZeCLHNbEAbnP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/xq7eF4vg8c3V2xQvveah7LJZv-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/tR4_a-vNBSkdxSZeCLHNbEAbnP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.200.0/22
89.146.192.0/18
195.34.160.0/19
IPv6:
2a01:130::/32
Signature Algorithm: sha256WithRSAEncryption
1d:57:de:66:8b:64:35:66:59:a7:d7:46:a1:03:dd:63:dc:4d:
80:73:f5:3c:f4:7f:a4:f7:06:31:6e:fb:9a:88:ac:db:48:95:
2e:d0:6c:41:a6:22:4a:39:fd:1a:ad:08:a6:41:13:5b:e8:7d:
a3:e4:b7:6b:42:ca:39:33:ec:8c:06:a4:33:f4:7c:85:98:d3:
12:ba:a7:8e:14:43:f3:7c:ee:26:44:4b:37:2a:eb:36:70:42:
db:11:56:5c:7e:8f:37:22:c4:b7:6d:ab:20:ff:f1:37:63:f2:
6d:36:98:a0:77:e7:a1:e1:ec:9d:eb:d1:33:d2:a4:bf:7d:d2:
ac:22:a3:6f:b8:46:86:65:82:fd:38:ce:5f:81:bb:65:4b:3d:
0b:c8:b2:af:41:13:b4:ee:31:c0:0b:c0:20:aa:d2:c5:66:3d:
8c:6f:03:d3:67:64:5c:76:8b:5f:c8:1e:0d:3a:01:1d:f4:fb:
90:31:b9:b0:dc:ab:22:54:3d:60:3f:3a:a9:03:57:ba:67:c1:
a8:f8:6c:03:46:20:68:28:99:95:1d:8b:31:00:90:4e:86:15:
a7:03:96:08:5d:69:d7:43:f1:95:2f:9a:7f:99:e4:48:b9:a5:
c4:6b:90:dc:64:b4:78:94:13:51:d3:f2:94:4f:8e:01:a3:9b:
0a:57:4b:3d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQj1z5F0pCO64BBbGeu7BA2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MWUzZjZiZWJjZDA1MjkxZGM1MjY1ZTA4YjFjZDZjNDAx
YjljZmQwHhcNMjUwMTAxMjE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmFlZGUxNzhiZTBmMWNkZDVkYjE0MmZiZGU2YTFlY2IyNTliZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7PqBBhVDkTs4aiVq8uXR/URnmITA
fgvwZrh5d9KEIIn7OEe91JS70/7NUluKNIUQCKXd4BHe1fnUN6FbcWs15rYoZ9ot
pkOrPZR4/fHGGTdrkPmX22PnJhu8yN9E1pTMkFM7zzYVU2RFUMwbKw1VuQbYzBh1
GcbQtVb5COuYRABeKQ9gNp78qmz5xvvbshHeuB88zsrQI3vnUXj7wFgXWoz+cNwv
oV0iHsj35+cQoAmZxW/p35ZIcDMndSCEKPhA+3dYd7pnKSbsYQZPkhRYgCDblNb2
OP8fZ6uDar0SNFjDcWWjvP7PvS4E5si5fSPx88yB4BxrsEp03asIfRvCNQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMau3heL4PHN1dsUL73moeyyWb/gMB8GA1UdIwQY
MBaAFLUeP2vrzQUpHcUmXgixzWxAG5z9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFI0X2Etdk5CU2tkeFNaZUNMSE5iRUFiblAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wMmZkZmQtN2FjOC00MzIxLWI5MzAt
OGZhNTUxZTZhZTc1LzEveHE3ZUY0dmc4YzNWMnhRdnZlYWg3TEpadi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wMmZkZmQtN2FjOC00MzIxLWI5MzAtOGZhNTUxZTZhZTc1
LzEvdFI0X2Etdk5CU2tkeFNaZUNMSE5iRUFiblAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCVdHIAwQG
WZLAAwQFwyKgMA0EAgACMAcDBQAqAQEwMA0GCSqGSIb3DQEBCwUAA4IBAQAdV95m
i2Q1Zlmn10ahA91j3E2Ac/U89H+k9wYxbvuaiKzbSJUu0GxBpiJKOf0arQimQRNb
6H2j5LdrQso5M+yMBqQz9HyFmNMSuqeOFEPzfO4mREs3Kus2cELbEVZcfo83IsS3
basg//E3Y/JtNpigd+eh4eyd69Ez0qS/fdKsIqNvuEaGZYL9OM5fgbtlSz0LyLKv
QRO07jHAC8AgqtLFZj2MbwPTZ2RcdotfyB4NOgEd9PuQMbmw3KsiVD1gPzqpA1e6
Z8Go+GwDRiBoKJmVHYsxAJBOhhWnA5YIXWnXQ/GVL5p/meRIuaXEa5DcZLR4lBNR
0/KUT44Bo5sKV0s9
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:15:15 2025 by rpki-client